Hi, we are upgrading some of our internal access controls in light of users
being incapable of choosing realistic passwords (and not keeping them a
secret when they do).
We're looking at going with SecureID as an authentication system but have
some issues:
We want to use it on every system (I.E. all machines are bastions) rather
than as a perimeter screen. The issue we have with this is tokens are a one
shot deal and we have to wait 60 seconds before we can log into another
system. Since we're running 10's of machines in an OLTP environment (web
servers) this gets to be a pain real fast.
Our supplier is suggesting we look at BoKS which seems to offer a single
login solution, the customer list (mostly banks) is impressive, but I'm a
little skeptical of such things.
Do any of you have any knowledge of BoKS? Is it any good? What else should
we look at? Are there alternatives to secureid that support NT, Solaris,
HP/UX and Netscape Servers?
John
Follow-Ups:
|
|
